package edu.neu.swc.commerce.service.impl;

import com.alibaba.fastjson.JSON;
import edu.neu.swc.commerce.constant.AuthorityConstant;
import edu.neu.swc.commerce.constant.CommonConstant;
import edu.neu.swc.commerce.dao.EcommerceUserDao;
import edu.neu.swc.commerce.entity.EcommerceUser;
import edu.neu.swc.commerce.service.IJWTService;
import edu.neu.swc.commerce.vo.LoginUserInfo;
import edu.neu.swc.commerce.vo.UsernameAndPassword;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import sun.misc.BASE64Decoder;

import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.time.LocalDate;
import java.time.ZoneId;
import java.time.ZonedDateTime;
import java.time.temporal.ChronoUnit;
import java.util.Date;
import java.util.UUID;

/**
 * <h1>JWT相关接口实现</h1>
 */
@Slf4j
@Service
@Transactional(rollbackFor = Exception.class)
public class JWTServiceImpl implements IJWTService {

    private final EcommerceUserDao ecommerceUserDao;

    public JWTServiceImpl(EcommerceUserDao ecommerceUserDao) {
        this.ecommerceUserDao = ecommerceUserDao;
    }

    @Override
    public String generateToken(String username, String password) throws Exception {
        return generateToken(username,password,0);
    }

    @Override
    public String generateToken(String username, String password, int expire)
            throws Exception {
        //1.验证用户是否能够通过授权校验，及输入的用户名和密码能否匹配数据表记录
        log.info("username and password is[{}],[{}]", username,password);
        EcommerceUser ecommerceUser = ecommerceUserDao.findByUsernameAndPassword(
                username,password
        );

        if(null == ecommerceUser){
            log.error("can not find user:[{}],[{}]",username,password);
            return null;
        }
        //2.Token中塞入对象，即JWT中存储的信息，后端拿到这些信息就知道是哪个用户在操作
        LoginUserInfo loginUserInfo = new LoginUserInfo(
                ecommerceUser.getId(), ecommerceUser.getUsername()
        );

        if(expire <= 0){
            expire = AuthorityConstant.DEFAULT_EXPIRE_DAY;
        }

        //3. 计算超时时间
        ZonedDateTime zdt = LocalDate.now().plus(expire, ChronoUnit.DAYS)
                .atStartOfDay(ZoneId.systemDefault());
        Date expireDate = Date.from(zdt.toInstant());

        String s = Jwts.builder()
                //jwt-pay-load
                .claim(CommonConstant.JWT_USER_INFO_KEY, JSON.toJSONString(loginUserInfo))
                // jwt id
                .setId(UUID.randomUUID().toString())
                //jwt 过期时间
                .setExpiration(expireDate)
                //jwt 签名
                .signWith(getPrivateKey(), SignatureAlgorithm.RS256)
                .compact();

        log.info("the token is :[{}]" ,s);
        return s;
    }

    @Override
    public String registerUserAndGenerateToken(UsernameAndPassword usernameAndPassword) throws Exception {
        //1.校验用户名是否存在，如果存在，不能重复注册
        EcommerceUser oldUser = ecommerceUserDao.findByUsername(usernameAndPassword.getUsername());
        if(null != oldUser){
            log.error("username is registered [{}]", oldUser.getUsername());
            return null;
        }
        EcommerceUser ecommerceUser = new EcommerceUser();
        ecommerceUser.setUsername(usernameAndPassword.getUsername());
        ecommerceUser.setPassword(usernameAndPassword.getPassword()); // 经过MD5编码以后的密码
        ecommerceUser.setExtraInfo("{}");

        //注册一个新用户，写一条记录到数据表中
        ecommerceUser = ecommerceUserDao.save(ecommerceUser);
        log.info("register user success[{}],[{}]",
                ecommerceUser.getUsername(),
                ecommerceUser.getId());
        return generateToken(ecommerceUser.getUsername(),
                ecommerceUser.getPassword());
    }

    /**
     * <h2>根据本地存储的私钥获取到private key对象</h2>
     */
    private PrivateKey getPrivateKey() throws Exception{
        PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(
                new BASE64Decoder().decodeBuffer(AuthorityConstant.PRIVATE_KEY)
        );
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        return keyFactory.generatePrivate(priPKCS8);
    }
}
